General
Target: DisneyPlus Accounts checker With Capture.zip
Size: 319KB
Sample: 230408-h6m51sec9y
MD5: 3525576e1a2910febe1bfe93fb2be14f
SHA1: 3c7c3f00530ad758398249cf042c31363039a34d
SHA256: 4d1956a024410739534b98829bee601e05b2024a052bd172b3272732a5ebe1b8
SHA512: 0e147a26e227a2a6c2509c5b296bd251aca598913383373c43356771cf5663f1c19d86b251f570a2078c3d538e13b2df554150477a78c07a6b7022fa7f0a7564
SSDEEP: 6144:HBqC/Blh/jz1kIp/KlHi6AZUij0YYyku0+oD1nzfB3bILBDWXE:HQCplh/j3FCCVj1Yy1UVrB3bkBh
Behavioral task: behavioral1
Sample: Disney+.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
revengerat
Guest
167.71.213.170:1738
RV_MUTEX-lDMFLRMSltdcKeY
Targets
Target: Disney+.exe
Size: 503KB
MD5: 7af6e766cda103858accd7ccdc151115
SHA1: 7e00bdf6d462ec54c685651046d4cb40df1e4dc2
SHA256: b8fbe723db20cb1ae45230a87d495b2ab8751f1748de09fc2416955449a7bec4
SHA512: 3a361b52ee2785b6ce61e2f972b85d8125e3bcd75828b4a7c1c971b803d3377318af75b8956254ce65562904b929dd55fd1555b14295507cbadff9117aaa443f
SSDEEP: 6144:YSncRlTQGxePjKqjb76qtQ+nlsIcbnwdKN0IdIoWbze4uUsQkelLllarotYP:x4Xo7nQgls8seIceR74tO
Score: 10/10
RevengeRat Executable
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Uses the VBS compiler for execution